Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Read all database attachments even if duplicated #3180

Merged
merged 1 commit into from May 25, 2019

Conversation

2 participants
@droidmonkey
Copy link
Member

commented May 25, 2019

Type of change

  • Bug fix (non-breaking change which fixes an issue)

Description and Context

  • Fixes #3048
  • Certain programs that read/write KDBX4 files do not consolidate duplicate attachments into a single binary. This is against the KDBX4 specification. This change ensures KeePassXC will at least read the database in its entirety and not lose information. Upon saving the database in KeePassXC, the duplicate attachment binaries will be reduced to single binaries per the specification.

Testing strategy

Tested with sample databases provided in issue 3048.

Checklist:

  • I have read the CONTRIBUTING document. [REQUIRED]
  • My code follows the code style of this project. [REQUIRED]
  • All new and existing tests passed. [REQUIRED]
  • I have compiled and verified my code with -DWITH_ASAN=ON. [REQUIRED]
  • My change requires a change to the documentation, and I have updated it accordingly.
  • I have added tests to cover my changes.
Read all database attachments even if duplicated
* Fixes #3048
* Certain programs that read/write KDBX4 files do not consolidate duplicate attachments into a single binary. This is against the KDBX4 specification. This change ensures KeePassXC will at least read the database in its entirety and not lose information. Upon saving the database in KeePassXC, the duplicate attachment binaries will be reduced to single binaries per the specification.

@droidmonkey droidmonkey added this to the v2.4.2 milestone May 25, 2019

@droidmonkey droidmonkey requested a review from phoerious May 25, 2019

@phoerious
Copy link
Member

left a comment

Are binaries deduplicated on save? You say yes, but have you tested it?

@phoerious

This comment has been minimized.

Copy link
Member

commented May 25, 2019

Oh, and one more thing that needs to be tested: correcting binary indices must update the modification date of entries or else we may see weird effects with sync and merge.

@droidmonkey

This comment has been minimized.

Copy link
Member Author

commented May 25, 2019

Yes I tested the deduplication on save. It's the same mechanism as if you attached a duplicate file to an entry. We don't do deduplication until the time of saving. This is an area of future improvement with attachments.

The modified time should not be changed. We are just updating the ref index of the entry in the xml. There are literally no changes to the entry itself.

@droidmonkey droidmonkey merged commit 6d5c6c7 into release/2.4.2 May 25, 2019

4 checks passed

CodeFactor No issues found.
Details
MacOS (KeepassXC) TeamCity build finished
Details
Ubuntu Linux (KeepassXC) TeamCity build finished
Details
Windows 10 (KeepassXC) TeamCity build finished
Details

@droidmonkey droidmonkey deleted the hotfix/db-attachments branch May 25, 2019

droidmonkey added a commit that referenced this pull request May 31, 2019

Release 2.4.2
- Improve resilience against memory attacks - overwrite memory before free [#3020]
- Prevent infinite save loop when location is unavailable [#3026]
- Attempt to fix quitting application when shutdown or logout issued [#3199]
- Support merging database custom data [#3002]
- Fix opening URL's with non-http schemes [#3153]
- Fix data loss due to not reading all database attachments if duplicates exist [#3180]
- Fix entry context menu disabling when using keyboard navigation [#3199]
- Fix behaviors when canceling an entry edit [#3199]
- Fix processing of tray icon click and doubleclick [#3112]
- Update group in preview widget when focused [#3199]
- Prefer DuckDuckGo service over direct icon download (increases resolution) [#2996]
- Remove apply button in application settings [#3019]
- Use winqtdeploy on Windows to correct deployment issues [#3025]
- Don't mark entry edit as modified when attribute selection changes [#3041]
- Use console code page CP_UTF8 on Windows if supported [#3050]
- Snap: Fix locking database with session lock [#3046]
- Snap: Fix theming across Linux distributions [#3057]
- Snap: Use SNAP_USER_COMMON and SNAP_USER_DATA directories [#3131]
- KeeShare: Automatically enable WITH_XC_KEESHARE_SECURE if quazip is found [#3088]
- macOS: Fix toolbar text when in dark mode [#2998]
- macOS: Lock database on switching user [#3097]
- macOS: Fix global Auto-Type when the database is locked [#3138]
- Browser: Close popups when database is locked [#3093]
- Browser: Add tests [#3016]
- Browser: Don't create default group if custom group is enabled [#3127]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.